package com.example.shiro.controller;

import com.alibaba.fastjson.JSON;
import com.example.shiro.dao.UserMapper;
import com.example.shiro.model.Permissions;
import com.example.shiro.model.Role;
import com.example.shiro.model.User;
import com.example.shiro.service.Impl.LoginServiceImpl;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;
import java.util.HashSet;
import java.util.Set;


/**
 * @description:
 * @author: guoc
 * @createDate: 2020/4/24 15:03
 */
@Controller
public class LoginController  {

    @Autowired
    LoginServiceImpl loginService;
    @Autowired
    UserMapper mapper;

    @RequestMapping("login")
    @ResponseBody
    public String login(HttpServletRequest request){
        System.out.println("----------");
        String username = request.getParameter("username");
        String password = request.getParameter("password");

        //添加用户认证信息
        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(username,password);
        try {
            //进行验证，这里可以捕获异常，然后返回对应信息
            subject.login(usernamePasswordToken);
        }catch (AuthenticationException e){
            e.printStackTrace();
            return "账号或密码错误！";
        }catch (AuthorizationException e) {
            e.printStackTrace();
            return "没有权限";
        }
        return "login success";
    }


    //注解验角色和权限
    @RequiresRoles("admin")
    @RequiresPermissions("add")
    @RequestMapping("/index")
    @ResponseBody
    public String index() {
        return "index!";
    }


    @RequestMapping("addUser")
    @ResponseBody
    public String addUser(){

        Permissions permissions1 = new Permissions("1","query");
        Permissions permissions2 = new Permissions("2","add");
        Set<Permissions> permissionsSet = new HashSet<>();
        permissionsSet.add(permissions1);
        permissionsSet.add(permissions2);
        Role role = new Role("1","admin",permissionsSet);
        Set<Role> roleSet = new HashSet<>();
        roleSet.add(role);
        String roleSets = JSON.toJSONString(roleSet);
        User user = new User("1","abner","123456",roleSets);

        Permissions permissions3 = new Permissions("3","query");
        Set<Permissions> permissionsSet1 = new HashSet<>();
        permissionsSet1.add(permissions3);
        Role role1 = new Role("2","user",permissionsSet1);
        Set<Role> roleSet1 = new HashSet<>();
        roleSet1.add(role1);
        String roleSets2 = JSON.toJSONString(roleSet1);
        User user1 = new User("2","zhaoy","123456",roleSets2);

        mapper.addUser(user1);

        return "add";
    }





}
